﻿<?php
session_start();
include('functions.php');
connect();
// See if the user has access to do this
$id=$_SESSION["id"];
$q=mysql_query("select roledescription from person where id=$id");
$roledescription=mysql_fetch_row($q);
$roledescription=$roledescription[0];
$q=mysql_query("select description from permission where roledescription='$roledescription'");
$hasaccess=false;
for ($i=0; $i<mysql_num_rows($q); $i++){
	$description=mysql_fetch_row($q);
	if ($description="addlesson")
		$hasaccess=true;
}
// Do the thing
if ($hasaccess){
?>
<form action="addlesson1.php" method="POST">
نام درس: 
<input type="text" name="name"><br />
ترم: 
<input type="text" name="semester"><br />
کلید: 
<input type="text" name="key" value="<?php echo(generatepassword()); ?>"><br />
<input type="submit" value="ثبت">
</form>
<?php
}
else{
	echo "شما اجازه ی دسترسی به این قسمت را ندارید";
}
?>
